我们使用的 sasl 机制是SCRAM-SHA-256但 kafka 生产者只会接受sasl_mechanism作为PLAIN、GSSAPI、OAUTHBEARER
以下配置将给出错误
sasl_mechanism must be in PLAIN, GSSAPI, OAUTHBEARER
配置
ssl_produce = KafkaProducer(bootstrap_servers='brokerCName:9093',
security_protocol='SASL_SSL',
ssl_cafile='pemfilename.pem',
sasl_mechanism='SCRAM-SHA-256',
sasl_plain_username='password',
sasl_plain_password='secret')
我需要知道如何指定正确的 sasl 机制。
谢谢
更新了kafka-python v2.0.0+ 的答案
从 2.0.0 开始,kafka-python 同时支持SCRAM-SHA-256和SCRAM-SHA-512。
旧版本kafka-python的先前答案
据我了解,您正在使用kafka-python客户端。从源代码中,我可以看到sasl_mechanism='SCRAM-SHA-256'不是一个有效的选项:
"""
...
sasl_mechanism (str): Authentication mechanism when security_protocol
is configured for SASL_PLAINTEXT or SASL_SSL. Valid values are:
PLAIN, GSSAPI, OAUTHBEARER.
...
"""
if self.config['security_protocol'] in ('SASL_PLAINTEXT', 'SASL_SSL'):
assert self.config['sasl_mechanism'] in self.SASL_MECHANISMS, (
'sasl_mechanism must be in ' + ', '.join(self.SASL_MECHANISMS))
一种快速解决方法是使用confluent-kafka支持sasl_mechanism='SCRAM-SHA-256'的客户端:
from confluent_kafka import Producer
# See https://github.com/edenhill/librdkafka/blob/master/CONFIGURATION.md
conf = {
'bootstrap.servers': 'localhost:9092',
'security.protocol': 'SASL_SSL',
'sasl.mechanisms': 'SCRAM-SHA-256',
'sasl.username': 'yourUsername',
'sasl.password': 'yourPassword',
# any other config you like ..
}
p = Producer(**conf)
# Rest of your code goes here..
kafka-python在 2.0.0 版本中同时支持SCRAM-SHA-256和SCRAM-SHA-512。